Documents of Doom - Infecting macOS via Office Macros
Offered By: Hack In The Box Security Conference via YouTube
Course Description
Overview
Explore a comprehensive analysis of macro-based attacks targeting Apple's macOS in this 28-minute conference talk from the Hack In The Box Security Conference. Delve into recent exploits, focusing on macOS-specific code and payloads. Uncover a novel exploit chain starting with CVE-2019-1457, involving a new sandbox escape and bypassing Apple's notarization requirements. Learn how simply opening a malicious Office document can persistently infect a fully-patched macOS Catalina system without additional user interaction. Gain insights from Patrick Wardle, a Principle Security Researcher at Jamf and founder of Objective-See, as he shares his expertise in macOS security. Follow the presentation's structure, covering an introduction to macros, extraction techniques, the macro chain, persistence methods, and concluding remarks.
Syllabus
Introduction
What is a macro
How to extract macros
Macro chain
Persistence
Conclusion
Taught by
Hack In The Box Security Conference
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network